Proposal to elect new release rc--2024-05-15_23-02

Hello there!

We are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: IC NNS Proposal 129746.

Here is a summary of the changes since the last release:

Release Notes for release-2024-05-15_23-02-base (5ba1412f9175d987661ae3c0d8dbd1ac3e092b7d)

Changelog since git revision 2c4566b7b7af453167785504ba3c563e09f38504

Features:

  • edf8d264d Consensus: Include subnet in BlockMetadata
  • 6bdaae9f0 Consensus(schnorr): Make AlgorithmId configurable during pre-signature generation
  • 40acdbd67 Crypto: Support hierarchical key derivation in ic_crypto_ed25519
  • f1de8ab2f Execution,Message Routing: Expanded canister invariant checks
  • c25835b17 Node: Organize and consolidate rootfs #7
  • e221d5d77 Node: Organize and consolidate rootfs #6
  • bf2c7942c Node: Organize and consolidate rootfs #5
  • 449d4508e Runtime,Execution: Implement msg_deadline System Api

Bugfixes:

  • 4d2ac2dd7 Consensus(ecdsa): Purge XNet reshare agreements once they are reported
  • 2022da6de Consensus(schnorr): Revert ’ Make MasterPublicKey in EcdsaReshareRequest mandatory’
  • 432d6804b Consensus: Fall back to origin instant in round start instant computation
  • 4c2a05b46 Consensus(api-bns): readonly SSH access for API BNs
  • 70a5a8144 Execution: Check for execution_mode in mint_cycles and cycles_burn128 System APIs
  • b442483a3 Execution,Runtime: Enforce Wasm memory limit at the start of execution
  • 4ef431d4d Execution,Runtime: Fix validation of the Wasm memory limit
  • c411940aa Networking: fix the paths that the buf lint expects and upgrade the buf version
  • d06c57dec Node,Consensus(api-boundary-node): switched from service name to port
  • bafba9804 Runtime(fuzzing): Add GlobalType V128

Performance improvements:

  • 327941796 Crypto: add batch verification of IDKG dealing support signatures
  • f2873c217 Crypto: remove one redundant iteration in polynomial evaluation

Chores:

  • f708229f3 Consensus: Create a metric for the number of ingress messages in a payload of a validated block
  • 54c76801e Consensus(schnorr): Add metrics for number of key transcript (with key id) in the payload
  • 1767c9252 Consensus: split dkg::ValidationError into dkg::PayloadBuilderError and dkg::PayloadValidationError
  • ec010aa73 Consensus(ecdsa): Add metrics monitoring new payload rollout
  • 886fd97b9 Consensus: split dkg.rs into dkg/builder.rs and dkg/validator.rs
  • 5f8f40ff1 Crypto: remove unused Csprng::seed_from_random_tape
  • 5269ffdf2 Execution(node-metrics): Rename node metrics “num_blocks_total” to “num_blocks_proposed_total”
  • b1101d66c Execution: Add new Ic00Method::ComputeInitialIDkgDealings management canister endpoint
  • 5ee015ce8 Execution,Message Routing: Add IDkgDealingsContext type for generalizing ComputeInitialEcdsaDealings method
  • 62f1aa93b Message Routing: Export remote certification heights
  • 1f3995860 Networking: remove tls from metrics exporter
  • aa93075d6 Node: Clean up and update rootfs/ documentation
  • 3ae78914c Runtime: Upgrade Wasmtime to version 20.0.2
  • 75f1c8f76 Runtime,Execution: Fix capitalization of “Wasm”
  • 6eb4d182b Runtime,Execution: Rename NumPages to NumOsPages

Refactoring:

  • 26aab1ac0 Crypto: remove key generation CSP APIs
  • b18e00470 Crypto: remove the unused perform_tls_server_handshake_without_client_auth method from the TLS interface
  • 102997d87 Crypto: rename tECDSA errors that are used for all canister threshold sigs
  • d84870b66 Crypto: remove CspThresholdEcdsaSigVerifier trait
  • 3d05df8e4 Execution: Change call_context_balances, call_context_deadlines, and call_context_balance_taken to hold data only for the current call context
  • 34b3390d8 Execution: Change rust-to-proto conversion to use references
  • 0bb64478e Execution,Interface: Move CanisterLog type to ic_types

Tests:

  • 130fc1885 Consensus: Reduce boilerplate in validator tests
  • 626bc96c6 Crypto: fix point deserialization fuzzer
  • b90bfa0bf Crypto: add tSchnorr algorithms to IDKG integration tests
  • 2936b0821 Crypto: fix CBOR dealing serialization fuzzer
  • 0f2ed163f Execution,Runtime: Add StateMachine tests for msg_deadline and call_with_best_effort_response API
  • 948279d28 IDX,Networking: jaeger vm for system tests

Other changes:

  • 4de389601 Boundary Nodes,Networking,T&V,Financial Integrations: remove the tokio-rustls dep from the http handler, and strip the suffix from the most recent version of tower-http
  • 44e5ca1e1 Execution,Consensus: Increase observability for QueryStats
  • 814e9afb2 Node: Updating container base images refs [2024-05-10-0623]
  • 559ab9a53 Runtime,Execution: Limit stable dirty pages

IC-OS Verification

To build and verify the IC-OS disk image, run:

# From https://github.com/dfinity/ic#verifying-releases
sudo apt-get install -y curl && curl --proto '=https' --tlsv1.2 -sSLO https://raw.githubusercontent.com/dfinity/ic/5ba1412f9175d987661ae3c0d8dbd1ac3e092b7d/gitlab-ci/tools/repro-check.sh && chmod +x repro-check.sh && ./repro-check.sh -c 5ba1412f9175d987661ae3c0d8dbd1ac3e092b7d

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

2 Likes

Hello there!

We are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: IC NNS Proposal 129747.

Here is a summary of the changes since the last release:

Release Notes for release-2024-05-15_23-02-storage-layer (b6b2ef469bb00d38b48b789cae91251f27011b82)

Changelog since git revision 5ba1412f9175d987661ae3c0d8dbd1ac3e092b7d

Features:

  • b6b2ef469 Interface: Enable new storage layer

IC-OS Verification

To build and verify the IC-OS disk image, run:

# From https://github.com/dfinity/ic#verifying-releases
sudo apt-get install -y curl && curl --proto '=https' --tlsv1.2 -sSLO https://raw.githubusercontent.com/dfinity/ic/b6b2ef469bb00d38b48b789cae91251f27011b82/gitlab-ci/tools/repro-check.sh && chmod +x repro-check.sh && ./repro-check.sh -c b6b2ef469bb00d38b48b789cae91251f27011b82

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

1 Like

Thanks Dfinity. Can I ask if the subnet rollout schedule for this IC-OS release has already been planned already (at least in terms of which subnets will receive it, and in what order)? Given the ECDSA and Schnorr related changes and refactoring, it would be nice to see the changes rolled out to at least the fuqsr and 2fq7c application subnets before the uzr34 and pzp6e system and fiduciary subnets.

2 Likes

Reviewers for the CodeGov project have completed our review of these replica updates.

Proposal ID: 129746
Vote: ADOPT
Full report on OpenChat

Proposal ID: 129747
Vote: ADOPT
Full report on OpenChat

At the time of this comment on the forum there are still 2 days left in the voting period, which means there is still plenty of time for others to review the proposal and vote independently.

We had several very good reviews of the Release Notes on these proposals by @Zane, @cyberowl, @ZackDS, @massimoalbarello, @ilbert, @hpeebles, and @Lorimer. The IC-OS Verification was also performed by @jwiegley, @tiago89, and @Gekctek. I recommend folks take a look and see the excellent work that was performed on these reviews by the entire CodeGov team. Feel free to comment here or in the thread of each respective proposal in our community on OpenChat if you have any questions or suggestions about these reviews.

2 Likes